This paper describes a set of metrics that will help administrators of distributed, real-time (clustered) computer facilities to select the best intrusion detection system for their facilities. The metrics herein are the subset of our general metric set that particularly affects real-time and distributed processing issues. We discuss related work in this field, the role of intrusion detection in information assurance, some basic classes of intrusion detection systems, a general architecture of network intrusion detection systems, and the scorecard metrics and their application to real-time and distributed processing systems. Finally, we discuss the lessons we learned using a preliminary version of the metric scorecard to test three commercial intrusion detection systems and the opportunities for further work in this area.